Re: Request to merge Undefined Behavior Sanitizer in

[Marek Polacek <polacek at redhat dot com>]

On Thu, Jul 25, 2013 at 10:40:22PM +0000, Joseph S. Myers wrote:
> What happens if you bootstrap with this enabled - do whatever failures 
> appear look like genuine bugs?  Running the testsuite with a compiler 
> built with this option?  Running the testsuite with this option used when 
> compiling all these tests.  I guess that initially a bootstrap with this 
> option may fail because of existing bugs, and so the other tests mentioned 
> can't yet be run - but using this option on GCC itself, and making sure 
> that as far as possible it doesn't break compiling things or change 
> diagnostics generated at compile time, seem like good goals.

The bootstrap with -fsanitize=undefined currently fails.  One issue is
http://gcc.gnu.org/ml/gcc-patches/2013-07/msg01480.html
(-Wuninitialized needs fixing I'm afraid), and another is e.g.:

  switch (i)
    {
      case 0 * (1 / 0):
        ;
    }

In the above, in C, we always fail (check_case_value issues 
"error: case label does not reduce to an integer constant").  But in C++,
with -fsanitize=undefined, we get
error: â__builtin___ubsan_handle_divrem_overflow((& *.Lubsan_data0), 1u, 0u)â
is not a constant expression
and without sanitizing, there's no error (of course the behavior
is undefined).  I'm not sure how to deal with this, clang in both C/C++ says
error: expression is not an integral constant expression
It seems that this should be handled in semantics.c:verify_constant,
but the function gets <integer_cst ... constant 0> as a tree parameter...

Other than that, currently no other issues leap to mind; I ran 
gcc.dg/*const-expr* tests with -fsanitize=undefined and everything's fine,
gcc.dg/overflow-warn* has some failures, all due to "case 0 * (1 / 0)" issue.

Thanks,

	Marek